Explore the intricacies of Chrome's security architecture and learn how to break out of its sandbox using Mojo in this 36-minute Black Hat conference talk. Delve into the challenges faced after exploiting a Chrome renderer vulnerability, including restricted access to OS resources and enforced site isolation. Discover how IPC services, designed to provide necessary functionality to the renderer process, can become potential targets for sandbox escapes. Gain insights from security researcher Stephen Röttger as he dissects the Chrome sandbox and demonstrates advanced techniques for bypassing its robust security measures.
Overview
Syllabus
Breaking the Chrome Sandbox with Mojo
Taught by
Black Hat
Related Courses
-
Shield with Hole - New Security Mitigation Helps Us Escape Chrome Sandbox to Exfiltrate User Privacy
-
New Wine in an Old Bottle - Attacking Chrome WebSQL
-
Cross-Site Escape - Pwning macOS Safari Sandbox the Unusual Way
-
Digging for IE11 Sandbox Escapes Part 1
-
Escaping Modern Web-Based App Sandboxes - Site Isolation Vulnerabilities
-
Thinking Outside the Sandbox - Violating Trust Boundaries in Uncommon Ways
